EUVD-2010-3674

Malware in sbrugna...

EUVD-2012-5470

Malware in sbrugna...

EUVD-2010-2800

Malware in sbrugna...

EUVD-2010-2799

Malware in sbrugna...

EUVD-2010-3675

Malware in sbrugna...

EUVD-2017-1388

Malware in sbrugna...

EUVD-2012-1138

Malware in sbrugna...

EUVD-2010-3676

Malware in sbrugna...

EUVD-2022-3362

Malicious code in bioql PyPI...

EUVD-2022-7285

Malicious code in bioql PyPI...

EUVD-2022-2303

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2017-1000071

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Jasig phpCAS version 1.3.4 is vulnerable to an authentication bypass in the validateCAS20 function when configured to authenticate against an old CAS server...

Moodle < 3.9.23 phpCAS Library Upgrade

According to its self-reported version, the Moodle install hosted on the remote host is prior to 3.9.23, 3.11.x prior to 3.11.16 or 4.0.x prior to 4.0.10. The phpCAS library included with Moodle has been upgraded to version 1.6.0, which includes a fix for a serious security issue. Note that the...

Moodle 4.0.x < 4.0.10 phpCAS Library Upgrade

According to its self-reported version, the Moodle install hosted on the remote host is prior to 3.9.23, 3.11.x prior to 3.11.16 or 4.0.x prior to 4.0.10. The phpCAS library included with Moodle has been upgraded to version 1.6.0, which includes a fix for a serious security issue. Note that the...

Moodle 3.11.x < 3.11.16 phpCAS Library Upgrade

According to its self-reported version, the Moodle install hosted on the remote host is prior to 3.9.23, 3.11.x prior to 3.11.16 or 4.0.x prior to 4.0.10. The phpCAS library included with Moodle has been upgraded to version 1.6.0, which includes a fix for a serious security issue. Note that the...

CVE-2022-39369

phpCAS is an authentication library that allows PHP applications to easily authenticate users via a Central Authentication Service CAS server. The phpCAS library uses HTTP headers to determine the service URL used to validate tickets. This allows an attacker to control the host header and use a...

ROS-20240808-04

A vulnerability in the phpCAS::setUrl function of the phpCAS authentication library is related to the use of HTTP headers to determine the URL of a service used to validate tickets. HTTP to determine the URL of the service used to validate tickets, allowing the control of the host header and use ...

USN-6913-2 php-cas vulnerability

USN-6913-1 fixed CVE-2022-39369 for Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. This update provides the corresponding fix for Ubuntu 16.04 LTS. Original advisory details: Filip Hejsek discovered that phpCAS was using HTTP headers to determine the service URL used to validate tickets. A remote attacke...

Ubuntu 16.04 LTS : phpCAS vulnerability (USN-6913-2)

The remote Ubuntu 16.04 LTS host has a package installed that is affected by a vulnerability as referenced in the USN-6913-2 advisory. USN-6913-1 fixed CVE-2022-39369 for Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. This update provides the corresponding fix for Ubuntu 16.04 LTS. Tenable has extracted...

Ubuntu: Security Advisory (USN-6914-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...